Testimonials

It is refreshing to work with such a knowledgeable and solution orientated company who demonstrate t... view more >

The service that we have received from CDS Security & Fire has been first rate. They have really tak... view more >

We would like to thank CDS Security for the high quality of workmanship and professionalism shown wh... view more >

Latest News

CDS Macmillan Coffee Morning a Great Success! #coffeemorning

Our Macmillan Coffee Morning was a great success! Thank you to everyon... view more >

Intruder Alarm Systems - ACPO Policy Changes 2006

NEW POLICE RESPONSE POLICY (FROM 1ST APRIL 2006) ACPO (Association of... view more >

Intruder Alarm Systems - EN50131

From 1st October 2005 New European Standards for Intruder Alarms repla... view more >

Privacy Policy

GDPR PRIVACY NOTICE

Data controller (“the Company”): CDS Security & Fire
Controller’s representative: Rosie Abbott (Data Compliance Manager)


Introduction

CDS Security & Fire are a leader in electronic Security, Fire, CCTV, Access Control and Emergency Communication Systems. As the largest family ran company, we are recognised for our excellent service in providing security, fire and communication systems for domestic, commercial, public and construction premises in the North East including Durham, Northumberland, Tyne & Wear, Sunderland, Co Durham, Cleveland, North Yorkshire and surrounding areas.

In this notice, references to “we”, “us” or “our” are references to CDS Security & Fire.

We collect and process personal information, or personal data, relating to customers to manage our working relationship with you. This personal information may be held by us on paper or in electronic format.

We are committed to being transparent about how it handles your personal information, to protecting the privacy and security of your personal information and to meeting its data protection obligations under the General Data Protection Regulation (“GDPR”) and the Data Protection Act 2018. The purpose of this privacy notice is to make you aware of how and why we will collect and use your personal information both during and after your relationship with the Company.

We are a data controller in respect of personal information that we process in connection with our business (including the products and services that we provide).

We have appointed a data compliance manager to oversee compliance with this privacy notice. If you have any questions about this privacy notice or about how we handle your personal information, please contact our Data Compliance Manager, Rosie Abbott.

What types of personal information do we collect about you?

Personal information is any information about an individual from which that person can be directly or indirectly identified.

The Company collects, uses and processes a range of personal information about you. This might include (as applicable):

  • your contact details, including your name, address, telephone number and personal e-mail address
  • your emergency contact details/keyholder details
  • banking details
  • confidential correspondence
  • Information about your use of IT systems relating to the security, fire, CCTV, Access and communication systems we provide.
  • Our systems and products may collect system and event information relating to their setup, configuration and operation, as well as information collected by our products in their ordinary course of operation via audit trail. This information may include sensor data, equipment data, data regarding building spaces, energy usage data, fault data, event data, environmental data, and other internal or external data as well as product usage information and product performance data. In some circumstances, this information may be Personal Data. In the case of video or security products, the information may also include video and audio signals and data. The nature and extent of the information collected by our products will vary based on the type and function of the product and the type of services for which they are used, subject to applicable laws.

How do we collect your personal information?

The Company may collect personal information customers in a variety of ways. It is collected during the enquiry and sales process, either directly from you or sometimes from a third party such as a referral.

The personal data we collect depends on whether you just visit our website or use our services. If you visit our website, you do not need to provide us with any personal data. However, your browser transmits some data automatically, such as the date and time of retrieval of one of our web pages, your browser type and settings, your operating system, the last web page you visited, the data transmitted and the access status, and your IP address.

If you use our services, personal data is required to fulfill the requirements of a contractual or service relationship, which may exist between you and our organization.

Website

When someone visits www.cdssecurity.co.uk we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. If we do want to collect personally identifiable information through our website, we will make it clear when we collect personal information and will explain what we intend to do with it.
Search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected by either CDS Security & Fire or any third party.
We use a third party provider, Mailchimp, to deliver our monthly e-newsletters. We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve our e-newsletter. For more information, please see Mailchimp’s privacy notice.

CCTV

Our head office has Closed Circuit Television (CCTV) and you may be recorded when you visit.

CCTV is also used to provide security and to protect both our staff and visitors, and for the prevention and detection of crime. CCTV will be only be viewed when necessary (e.g. to detect or prevent crime) the footage is stored for a set period of time after which it is recorded over. We comply with the Information Commissioner’s Office CCTV Code of Practice.

Why and how do we use your personal information?

We process personal data only for the purpose for which they are collected. The purpose is dependent on whether you use only our website, or additionally, our services. If you use our services you are required to register and we collect your personal data. We use this personal data for the provision of the service or the performance of the contract. We may use your personal data for other similar purposes, including marketing and communications, but that will only occur where we have your consent or another legal justification for doing so such as a contract requirement or to fulfil legitimate interests.

We will only use your personal information when the law allows us to. These are known as the legal bases for processing. We will use your personal information in one or more of the following circumstances:

  • to enable us to perform our contract with you
  • where we need to comply with a legal obligation
  • where it is necessary for our legitimate interests (or those of a third party), and your interests or
  • your fundamental rights and freedoms do not override our interests.
  • We may also occasionally use your personal information where we need to protect your vital interests (or someone else’s vital interests).

What if you fail to provide personal information?

If you fail to provide certain personal information when requested or required, we may not be able to perform the contract you have entered into with us, or we may be prevented from complying with our legal obligations. You may also be unable to exercise your statutory or contractual rights.

How does the Company protect your personal information?

The Company has put in place measures to protect the security of your personal information. It has internal policies, procedures and controls in place to try and prevent your personal information from being accidentally lost or destroyed, altered, disclosed or used or accessed in an unauthorised way. In addition, we limit access to your personal information to those employees, workers, agents, contractors and other third parties who have a business need to know in order to perform their job duties and responsibilities. You can obtain further information about these measures from our data compliance manager, Rosie Abbott.

Where your personal information is shared with third-party service providers e.g. Alarm Receiving Centre etc, we require all third parties to take appropriate technical and organisational security measures to protect your personal information and to treat it subject to a duty of confidentiality and in accordance with data protection law. We only allow them to process your personal information for specified purposes and in accordance with our written instructions and we do not allow them to use your personal information for their own purposes.
The Company also has in place procedures to deal with a suspected data security breach and we will notify the Information Commissioner’s Office (or any other applicable supervisory authority or regulator) and you of a suspected breach where we are legally required to do so.

For how long does the Company keep your personal information?

The Company will only retain your personal information for as long as is necessary to fulfil the purposes for which it was collected and processed, including for the purposes of satisfying any legal, tax, health and safety, reporting, accounting or statutory or regulatory accreditation requirements.

We keep information in accordance with the retention procedures and retention periods, which are in line with the length of the time we need to keep your personal information in order to manage and administer a client/customer contract for business purposes.

Personal information which is no longer to be retained will be securely and effectively destroyed or permanently erased from our IT systems and we will also require third parties to destroy or erase such personal information where applicable.

In some circumstances we may anonymise your personal information so that it no longer permits your identification. In this case, we may retain such information for a longer period.

Your rights in connection with your personal information

It is important that the personal information we hold about you is accurate and up to date. Please keep us informed if your personal information changes, e.g. you change your telephone number, during your working relationship with the Company so that our records can be updated. The Company cannot be held responsible for any errors in your personal information in this regard unless you have notified the Company of the relevant change.

If you would like further information on your rights or wish to exercise them, please contact us. You will be asked to provide the following details:

  • The personal information you want to access;
  • Where it is likely to be held;
  • The date range of the information you wish to access

We will also need you to provide information that will help us confirm your identity. If we hold personal information about you, we will give you a copy of the information in an understandable format together with an explanation of why we hold and use it.

Once we have all the information necessary to respond to your request we’ll provide your information to you within one month. This timeframe may be extended by up to two months if your request is particularly complex.

As a data subject, you have a number of statutory rights. Subject to certain conditions, and in certain circumstances, you have the right to:

  • request access to your personal information - this is usually known as making a data subject access request and it enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it
  • request rectification of your personal information - this enables you to have any inaccurate or incomplete personal information we hold about you corrected
  • request the erasure of your personal information - this enables you to ask us to delete or remove your personal information where there’s no compelling reason for its continued processing, e.g. it’s no longer necessary in relation to the purpose for which it was originally collected
  • restrict the processing of your personal information - this enables you to ask us to suspend the processing of your personal information, e.g. if you contest its accuracy and so want us to verify its accuracy
  • object to the processing of your personal information - this enables you to ask us to stop processing your personal information where we are relying on the legitimate interests of the business as our legal basis for processing and there is something relating to your particular situation which makes you decide to object to processing on this ground
  • data portability - this gives you the right to request the transfer of your personal information to another party so that you can reuse it across different services for your own purposes.

If you wish to exercise any of these rights, please contact our data compliance manager. We may need to request specific information from you in order to verify your identity and check your right to access the personal information or to exercise any of your other rights. This is a security measure to ensure that your personal information is not disclosed to any person who has no right to receive it.

In the limited circumstances where you have provided your consent to the processing of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. This will not, however, affect the lawfulness of processing based on your consent before its withdrawal. If you wish to withdraw your consent, please contact our data compliance manager. Once we have received notification that you have withdrawn your consent, we will no longer process your personal information for the purpose you originally agreed to, unless we have another legal basis for processing.

If you believe that the Company has not complied with your data protection rights, you have the right to make a complaint to the Information Commissioner’s Office (ICO) at any time. The ICO is the UK supervisory authority for data protection issues.

Transferring personal information outside the European Economic Area

The Company will not transfer your personal information to countries outside the European Economic Area.

Changes to this privacy notice

The Company reserves the right to update or amend this privacy notice at any time, including where the Company intends to further process your personal information for a purpose other than that for which the personal information was collected or where we intend to process new types of personal information. We will issue you with a new privacy notice when we make significant updates or amendments. We may also notify you about the processing of your personal information in other ways.

What to do if you’re not happy

In the first instance, please talk to us directly so we can resolve any problem or query. You also have the right to contact the Information Commissions Office (ICO) if you have any questions about Data Protection. You can contact them using their help line 0303 123 113 or at www.ico.org.uk.

 

logo logo logo logo logo logo logo
  • Share
  • Phone us
  • Email us

CDS Security & Fire, Units 8-10, Dragonville Industrial Park, Gilesgate, Durham, DH1 2XH, | Company No.: 2621153 | VAT No.: 92757458

Valid XHTML 1.1 |  Valid CSS |  Web Design in Durham and Newcastle |  Copyright © 2018